ThreatPress

WordPress Vulnerabilities Database

Back

WordPress GiveWp plugin <= 2.5.4 - Authentication Bypass

Product
Give
Description
The weakness allows unauthenticated users to bypass API authentication methods and potentially access personally identifiable user information (PII) like names, addresses, IP addresses, and email addresses.
Solution
Update the plugin to the latest version.
Classification
Type Information Disclosure
References
Wordfence
CVE
Name CVE-N/A
Versions
Affected In <= 2.5.4
Fixed In 2.5.5
Disclosure date
2019-09-26
Credits
Wordfence